[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-Disclosure] Safe Run As
From: offtopic <offtopic () mail ! ru>
Date: 2005-02-28 15:16:17
Message-ID: E1D5md7-000916-00.offtopic-mail-ru () f25 ! mail ! ru
[Download RAW message or body]
Safe Run As - keylogger protection
This tool is created to protect administrative passwords against keyloggers.
Administrator's passwords are stored in the AES encrypted file on the removalable storage \
(flash-drive, floppy). Then you need to use "run as" command you launch saferunas.hta, and \
provide username and encryption key. Passwords are decrypted and cmd.exe is launched with \
selected user's privileges. Edit.hta tool can be used to create and modify file with encrypted \
passwords.
Attention!
- This tool doesn't protect against smart malware which can copy password file and steal \
encryption key.
- You can't choose program to run. Coming soon.
- In this version password entered is used as AES key directly. This is bad idea. PKCS#5 \
version is coming soon.
- Attention - when you run GUI application as high privileged user, you are vulnerable for \
Shatter-style attacks (see shatter vbs for example).
http://www.security.nnov.ru/soft/srunas/
(c)oded by offtopic@mail.ru
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic